* Project Security

Security issues *always* take precedence over bug fixes, and feature work.
Peer reviews, and security research, are also welcome to ensure nobody's
instance is ever compromised.

Releases with security fixes are always marked as [Urgent]

** Where should I report security issues?

Email directly ~maintainer@project.org~ with details, and reproduction
steps. Please allow 90-days[1] before disclosing any security issues.
Alternatively, add a copy of your published findings in the ~disclosed~
directory.

[1] from when we first reply to your report.


** Acknowledgments

We would like to thank the following researchers:

(YYYY-MM-DD) Name/alias - Issue description in half a line.
